package bold.shiro;

import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.apache.shiro.web.util.WebUtils;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import java.io.Serializable;

/**
 * 自定义Session管理器，以Token做会话保持，同时兼容Cookie方式
 * 默认从请求头中获取Token，获取不到会继续读取Cookie
 */
@Slf4j
public class MySessionManager extends DefaultWebSessionManager {


    @Override
    public Serializable getSessionId(ServletRequest request, ServletResponse response) {
        String token = ((HttpServletRequest) request).getHeader("token");
        log.info("shiro-trace==token={}",token);
//        Serializable sessionId = super.getSessionId(request, response);
        return token;
    }

}
